X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; q=dns; s=default; b=xRn5yYdZwnXNpZKY
	7OE2imz0So5O6iPxCW/QrtRn9FWxykrTqXjYWggaUTTzmfi3LrHFl7PbTkIzoBbk
	TVlWrzaKAsICzfZKXZ0n8YpoXSzpG/wvxcSOGLx7Jpo2SXiLpb5KEtbGF/SSVxjq
	Eepm1aLDwsHq/N/AXUNoY897L3c=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; s=default; bh=XO1NzqxlJGTpWRBqglNbwV
	0t0ZI=; b=H7GwfUh/CbJiUd3kWDxSRp5kWFKf6gSk49YoYGdfxKScqplDsHP1fC
	HUSXwg/K2M67yMeGXsOnST8fcZGi/okt1MLVZXsd7j/SnEQk4lAMLCzdTepPYiqb
	6EBM8KK02hRfySRxGIwGGmJyRnohXo7+VV+UlMMigAZlUa32+8XPo=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Spam-SWARE-Status:	No, score=0.0 required=5.0 tests=BAYES_00,FREEMAIL_FROM,KAM_THEBAT,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=no version=3.3.1 spammy=HX-Priority:Normal, Wednesday, wednesday, yandexru
X-HELO:	forward101j.mail.yandex.net
DKIM-Signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1583349602; bh=Mbi7IspyaqHCeGKee7IELCIacUuEm8ssHEW76Bj4ReQ=; h=In-Reply-To:Subject:To:Reply-To:From:Message-ID:References:Date; b=TVoUj0+aCHy4nbTGoE1K3DNIm2+sozuDgs0ukWTdJDkQuEcqBt6divGtZFTIgmom4 iU+cW8iFDr8lq8sSs79u9RN8ekUBIjUGnrleyS5GY7YVx5rxJSImcjI/5gK9HNC2zC XwtUzSVLC00nJ0Xn0RtdQvP2EK6JS9QwI0coMkjs=
Authentication-Results:	mxback10g.mail.yandex.net; dkim=pass header.i=@yandex.ru
Date:	Wed, 4 Mar 2020 22:11:04 +0300
From:	Andrey Repin <anrdaemon AT yandex DOT ru>
Reply-To:	cygwin AT cygwin DOT com
Message-ID:	<1751741634.20200304221104@yandex.ru>
To:	John Selbie <jselbie AT gmail DOT com>, cygwin AT cygwin DOT com
Subject:	Re: ASLR revisited
In-Reply-To:	<CAJn6YFB_qVF-fNpX_CiWhnigaKMWJo-sOWM5C0ZJ89Ez1hvcBg@mail.gmail.com>
References:	<CAJn6YFB_qVF-fNpX_CiWhnigaKMWJo-sOWM5C0ZJ89Ez1hvcBg AT mail DOT gmail DOT com>
MIME-Version:	1.0
X-IsSubscribed:	yes

Greetings, John Selbie!

> For my open source project, I publish source code for Unix written in C++.
> And as a convenience, I publish Win32 binaries compiled with Cygwin's g++
> build. I bundled the compiled EXE along with the dependent Cygwin DLLs
> (cygcrypto, cyggcc, cycstdc++, cygwin1, and cygz.dll).

> Someone rang me up today and said, "We're about to go live with your
> pre-compiled binaries for Windows, but our compliance testing detected your
> code isn't using ASLR (Address Space Layout Randomization).  Can you fix?"

> A quick internet search reveals that Cygwin has a compatibility issue with
> ASRL. Process Explorer from sysinternals.com reveals that the process runs
> without ASLR.

As far as I recall, POSIX forking semantics are incompatible with ASLR.
So, if my memory serves me well, the answer is "don't do that, your
application will break badly."

> Is there a workaround for allowing Cygwin code to have ASLR?  I don't need
> the fork() function.

Build your application for native API. That's the only right answer.


-- 
With best regards,
Andrey Repin
Wednesday, March 4, 2020 22:09:21

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -